spring-webflow is vulnerable to a data binding expression vulnerability. The vulnerability arises when the MvcViewFactoryCreator `useSpringBinding` property is set to false, which is its default value. Applications that use the default settings are therefore vulnerable to malicious EL expressions in view states. The vulnerable view states are those that process form submissions and do not have a sub-element to declare explicit data binding property mappings.
CPE

Name | Operator | Version |
---|---|---|
spring web flow | le | 2.4.4.RELEASE |